beautypg.com

H3C Technologies H3C SecBlade IPS Cards User Manual

Page 161

background image

17-4

Task

Remarks

Configuring Learning Rules

Optional

Modify the learning rules of a DDoS policy.

It is not allowed to modify any learning rules of the default DDoS policy “DDoS
Policy”.

Applying a DDoS Policy on a
Segment

Required

Apply a DDoS policy to a segment.

Before configuring this task, you need to configure the segment in the page
you enter by selecting System Management > Network Management >
Segment Configuration. For more information, refer to Network
Management Configuration.

Activating Configurations

Required

Activate all Class B configurations, including the configured policies, learning
rules, and policy applications.

z

There are two categories of configurations in the system: Class A and
Class B. Class A configurations take effect immediately, while Class B
configurations must be activated to take effect.

z

The Activate button is present on all pages with Class B configurations.
Clicking the button on any page will activate all Class B configurations.
You are recommended to complete all Class B configurations before
clicking the Activate button.

Performing Traffic Learning

Required

Refer to

Maintaining a DDoS Policy Application

for detailed operations.

z

It is recommended that a traffic learning process should not last more than
3 minutes; otherwise, dynamic filtering rules may not be generated.

z

You need to start a traffic learning process manually. The traffic learning
process ends when the specified interval expires and you can also stop it
manually during traffic learning.

z

During traffic learning, make sure that no attacking traffic exists.

Configuring Detection Rules

Optional

Manage and configure detection rules.

Performing Threshold
Adjustment

Optional

Refer to

Maintaining a DDoS Policy Application

for detailed operations.

Threshold adjustment can be manually or automatically started, depending on
the configuration of the DDoS policy application. If you stop a running traffic
learning process, the system cannot start threshold adjustment automatically,
and you need to manually start it.

Performing
Detection&Protection

Required when detection&protection has manual startup mode configured.

Refer to

Maintaining a DDoS Policy Application

for detailed operations.

Detection&protection can be manually or automatically started, depending on
the configuration of the DDoS policy application. If you stop a running traffic
learning or threshold adjustment process, the system cannot start
detection&protection automatically, and you need to manually start it.

See also other documents in the category H3C Technologies Safety: